PayPal - We have not been hacked

There were some media reports in the latter part of the last week that PayPal had been hacked, and that PayPal account information had been made public by attackers. The company has responded to the claims, asserting with authority that, "the PayPal site has not been breached or hacked in any way."

In reality, a group of hackers claimed to have compromized another site, which PayPal points out is "less secure." From the breached website, the attackers mined usernames and passwords of a number of accounts. Upon releasing the information publicly, the hackers suggested that people try accessing personal online accounts on websites using the same credentials, and PayPal was listed as a suggestion.

So there was no breach of PayPal's system, instead the hackers were just suggesting that some users would have used the same password as they did for the compromised website.

"PayPal's security team became aware of this particular security situation early on and proactively began monitoring a number of accounts for suspicious activity, in order to protect our customers," the company stated.

"PayPal always safeguards our customers from qualified unauthorized payments sent from their accounts. We regularly monitor for unusual activity on accounts and will work directly with customers if they suspect their accounts have been accessed fraudulently."

Originally posted by Jeffrey_P: BS PayPal has been hacked before to access personal information.
Jeff

Proof? And what does that have to do with the article at hand anyways?

The point of the article is you should different passwords for financial sites (banks, paypal, etc) than you do for gmail, facebook and other less important sites.

Or use your amimal, kids name(s)and/or a simple passwords.
That doesn't change the fact PayPal has been hacked before.
The way it reads is PayPay is invulnerable which is not the case.
I don't need to give you proof, it is well documented.
Jeff

This message has been edited since its posting. Latest edit was made on 19 Jun 2011 @ 13:17

I don't think Paypal itself has been hacked, or if it has, not in quite some time. But no system is fool proof, and I do not believe Paypal is saying theirs are. I believe what paypal is stating is that they try to stay on top of accounts to make sure each client is safe regardless of a hack. That's honestly as best as you can do it actually, the rest is up to each client to make sure they check regularly for any activity. Hell, I'd honestly buy an email getting hacked before paypal, and that's not because I stating paypal can't be hacked, it can. But it's not quite going with the trend of what hacker groups or individuals who respect freedom of information are doing. Sure eventually you'll get a bad apple out of the hacker group that would use hacking to steal $, credit, accounts and so forth; but not as a common as just being hacked to get info. Basically if you are so concerned, the minute its verified, change your passwords on anything that ties to your name, and investigate fraud if any charges look questionable. Anyone who doesn't do those things are lazy and deserve to be stolen from.

This message has been edited since its posting. Latest edit was made on 19 Jun 2011 @ 13:46

Originally posted by Mysttic: I don't think Paypal itself has been hacked, or if it has, not in quite some time. But no system is fool proof, and I do not believe Paypal is saying theirs are. I believe what paypal is stating is that they try to stay on top of accounts to make sure each client is safe regardless of a hack. That's honestly as best as you can do it actually, the rest is up to each client to make sure they check regularly for any activity. Hell, I'd honestly buy an email getting hacked before paypal, and that's not because I stating paypal can't be hacked, it can. But it's not quite going with the trend of what hacker groups or individuals who respect freedom of information are doing. Sure eventually you'll get a bad apple out of the hacker group that would use hacking to steal $, credit, accounts and so forth; but not as a common as just being hacked to get info. Basically if you are so concerned, the minute its verified, change your passwords on anything that ties to your name, and investigate fraud if any charges look questionable. Anyone who doesn't do those things are lazy and deserve to be stolen from.

It doesn't matter if it's Paypal or NoPal, the point is PayPal should not post misleading information.
Jeff

Seeing as PayPal is global and makes it's money like a bank without loans or other means like that of a 'brick & mortar' establishment; they're well aware of the attacks that come & go. They probably do spend more money on security than the average bear than what we have been seeing and thus the reason why we haven't seen them in the news.

I would almost go so far as to say they are one of the few companies that actually broke from the typical corporate models (somewhat) and decided to use the money earned and actually use it to build their business properly. This day in age it really is a wild guess, but one well founded I'm sure.

As I have mentioned in the past, proactive is the best means. All the corporate idiots of today seem to think their desperate millions will be made free & clear so that their get away will leave the next guy holding the blame for the failure. "That" is supposedly their safety feature. Frankly I'm tired of it.

Money = entitlement, or desperate poverty = entitlement. Yet virtually 85% of the US (sorry everybody else, I haven't lived where you are, but I can feel for you too) is literally 2 car repairs or one bad utility bill away from being impoverished.

Money people still won't see it. The rest will. I'm glad PayPal has my back at the moment because my VA pension would be at risk otherwise, but I can fix that pretty quick. Most of you other folks, I'm guessing might be f$^%#ed in two twists of a salted peter?

Originally posted by LordRuss: Seeing as PayPal is global and makes it's money like a bank without loans or other means like that of a 'brick & mortar' establishment; they're well aware of the attacks that come & go. They probably do spend more money on security than the average bear than what we have been seeing and thus the reason why we haven't seen them in the news.

I would almost go so far as to say they are one of the few companies that actually broke from the typical corporate models (somewhat) and decided to use the money earned and actually use it to build their business properly. This day in age it really is a wild guess, but one well founded I'm sure.

As I have mentioned in the past, proactive is the best means. All the corporate idiots of today seem to think their desperate millions will be made free & clear so that their get away will leave the next guy holding the blame for the failure. "That" is supposedly their safety feature. Frankly I'm tired of it.

Money = entitlement, or desperate poverty = entitlement. Yet virtually 85% of the US (sorry everybody else, I haven't lived where you are, but I can feel for you too) is literally 2 car repairs or one bad utility bill away from being impoverished.

Money people still won't see it. The rest will. I'm glad PayPal has my back at the moment because my VA pension would be at risk otherwise, but I can fix that pretty quick. Most of you other folks, I'm guessing might be f$^%#ed in two twists of a salted peter?

I agree. I also have a PayPal account. I never leave money in my account and leave minimal personal information. I just make transactions with it, which is more secure then making transaction unknown with a HTTPS server(s).

Far as overhauls go.. there will always be a way to circumvent whatever means are used for protection.

The best way to stop being hacked, avoid viruses, malware and the like is to disconnect your internet connection. We both know that will ever happen.
Jeff

Yes Papal is better than many far as security goes. Still it does not stop being hacked. PayPal is not immune from some 12 year old hacker.
Happy fathers day.
Jeff

This message has been edited since its posting. Latest edit was made on 19 Jun 2011 @ 15:00

Originally posted by LordRuss: Seeing as PayPal is global and makes it's money like a bank without loans or other means like that of a 'brick & mortar' establishment; they're well aware of the attacks that come & go. They probably do spend more money on security than the average bear than what we have been seeing and thus the reason why we haven't seen them in the news.

I would almost go so far as to say they are one of the few companies that actually broke from the typical corporate models (somewhat) and decided to use the money earned and actually use it to build their business properly. This day in age it really is a wild guess, but one well founded I'm sure.

As I have mentioned in the past, proactive is the best means. All the corporate idiots of today seem to think their desperate millions will be made free & clear so that their get away will leave the next guy holding the blame for the failure. "That" is supposedly their safety feature. Frankly I'm tired of it.

Money = entitlement, or desperate poverty = entitlement. Yet virtually 85% of the US (sorry everybody else, I haven't lived where you are, but I can feel for you too) is literally 2 car repairs or one bad utility bill away from being impoverished.

Money people still won't see it. The rest will. I'm glad PayPal has my back at the moment because my VA pension would be at risk otherwise, but I can fix that pretty quick. Most of you other folks, I'm guessing might be f$^%#ed in two twists of a salted peter?

I agree. I also have a PayPal account. I never leave money in my account and leave minimal personal information. I just make transactions with it, which is more secure then making transaction unknown with a HTTPS server(s).

Far as overhauls go.. there will always be a way to circumvent whatever means are used for protection.

The best way to stop being hacked, avoid viruses, malware and the like is to disconnect your internet connection. We both know that will ever happen.
Jeff

Yes Papal is better than many far as security goes. Still it does not stop being hacked. PayPal is not immune from some 12 year old hacker.
Happy fathers day.
Jeff

That had to do with someone's info getting stolen probably thru a phishing scam. It was not a database hack. And you are reading what you want in the original article. They are responding to reports out this week that PayPal had been hacked and they said they weren't. Nowhere does it read PayPal has never ever been hacked and never will.

That had to do with someone's info getting stolen probably thru a phishing scam. It was not a database hack. And you are reading what you want in the original article. They are responding to reports out this week that PayPal had been hacked and they said they weren't. Nowhere does it read PayPal has never ever been hacked and never will.

You must be a PayPal employee.
No sever is invulnerable to hacking at least not yet..
I'm not trying to dog you but facts are facts.
Happy fathers day.
Jeff

Didn't say it was invulnerable. The article just stated that it wasn't hacked this week as reported. It could change tomorrow. Who knows. Just think you are overreaching about what this article is about.

Originally posted by Jeffrey_P: One instance.
You look up the rest for yourself
Jeff

That had to do with someones info getting stolen probably thru a phishing scam. It was not a database hack. And you are reading what you want in the original article. They are responding to reports out this week that PayPal had been hacked and they said they werent. Nowhere does it read PayPal has never ever been hacked and never will.

You must be a PayPal employee.
No sever is invulnerable to hacking at least not yet..
Im not trying to dog you but facts are facts.
Happy fathers day.
Jeff

Someone creating a thread on a random forum titled, "Paypal Hacked," does not mean the service itself was hacked.. it seems as though that certain individual either had a keylogger on his computer or fell for a phishing email.

That had to do with someone's info getting stolen probably thru a phishing scam. It was not a database hack. And you are reading what you want in the original article. They are responding to reports out this week that PayPal had been hacked and they said they weren't. Nowhere does it read PayPal has never ever been hacked and never will.

You must be a PayPal employee.
No sever is invulnerable to hacking at least not yet..
I'm not trying to dog you but facts are facts.
Happy fathers day.
Jeff

You must be an AlertPay employee.

I've been looking and looking and can't seem to find any of these well-documented hacking cases. I've seen people complain on Yahoo! Answers saying "my account was hacked", probably the victim of a phishing scam...and tons of other phishing victims...but not anything related to Paypal being hacked. The closest I could find was "Gmail was hacked, therefore Paypal and Ebay have been hacked by association."

Seems to me that's it's never before been hacked...seems pretty invulnerable to me so far. You should provide some of that proof that you don't want to provide so badly.

This message has been edited since its posting. Latest edit was made on 20 Jun 2011 @ 2:36

Originally posted by smiler123: If anyone is industrious enough to hack paypal they are welcome to the 23p in my account.

Happy shopping

NOW That's what I'm talking about!

I'm just worried about back tracking into my original bank account that probably "isn't" better protected. Frankly, nothing is left dormant in my PayPal account at all. It's nothing but a portal. Although I'm not daft... I know several online businesses use it as their source for maintaining their finances.

Liars !! My account with paypal was hacked . I have not used it in over two years !! But someone used it today !! Charged 49.99 not once but twice to microsoft!!!!! I called microsoft and I was told they had alot of problems with fraudulent uses concerning paypal by the receptionist answering the phone. However when connected to a customer service rep they totally denied the problem existed . I am getting my money back but only after a big hassle that should've never happened in the first place!!
Yes , from now on I am only using a green dot card for online transactions. All bank information will be deleted and I am closing my bank account and opening another one

Are you sure it wasn't in tandem with ebay linked to paypal? It's usually someone outside paypal that ends up getting into your account, not actually the criminal getting into paypal by brute force. I.e., they got your information through ebay or another source, got into your paypal account & then accessed your banking information from there.

Just a thought and a redundant question... not trying to pry into your personal business.

Are you sure it wasn't in tandem with ebay linked to paypal? It's usually someone outside paypal that ends up getting into your account, not actually the criminal getting into paypal by brute force. I.e., they got your information through ebay or another source, got into your paypal account & then accessed your banking information from there.

Are you sure it wasn't in tandem with ebay linked to paypal? It's usually someone outside paypal that ends up getting into your account, not actually the criminal getting into paypal by brute force. I.e., they got your information through ebay or another source, got into your paypal account & then accessed your banking information from there.

I don't have an e-bay account . Never go there !! I have never been there from this computer. I have never had a problem like this before. The folks at paypal still took the money out of my account even though I filed a dispute!! Something I guess they have to do as the situation is still being investigated . They assured me no one had access to my bank account . I am still worried , I can't close my account because the money has to be returned there and then I have to transfer it to my bank . A big fat pain in the ass!!

By the way..... I didn't have any money in my account. They used the bank information I had saved there to make the transactions . Also when I called Microsoft they couldn't tell me anything about the purchases that were made with my account . Nothing at all .They said there was no way of tracing them . Like I said the customer service rep totally denied any kind of problem with Microsoft/Paypal until I mentioned that the receptionist had told me all about it !!!!

Just because someone got into your account, that does not mean they have been hacked. Obviously anything is possible, but PayPal has very high security standards; far better than Sony(lol) or even the DoD.

occam's razor...
Someone stole one of your another accounts with the same email and password and decided to try it out on paypal.

[edit]
Oh, and EVERY company has lots of complaints with PayPal...it is because of the nature of the service...all online currency systems deal with this, and PayPal is actually one of the safest ones. Just look at bitcoin.

This message has been edited since its posting. Latest edit was made on 22 Jun 2011 @ 12:55

Deny , deny , deny and the world seems so much better ........as I said when I called microsoft the receptionist TOLD ME they had been getting alot of phone calls and problems with paypal/microsoft fraudulent charges recently !!!!

Originally posted by robbed by hackers: Deny , deny , deny and the world seems so much better ........as I said when I called microsoftthe receptionist TOLD ME they had been getting alot of phone calls and problems with paypal/microsoft fraudulent charges recently !!!!

The receptionist doesn't know squat... M$ uses "X" to go through PayPal. There are 100 companies (like Verisign for just one) that then go through PayPal to access your bank.

All that receptionist is doing is fielding your call & deflecting you from doing any other damage. That is it.

You have been introduced to both the "passing of the buck" & the "prison position" as far as M$ is concerned. I'm sure I can say for everyone here in the forum that we feel for you. We have all been in your place & wish ill on corporate thieves like them, but it doesn't change the facts.

So, the receptionist claims of random callers alleging the exact same thing your going through, because your heated & upset and want payback... You never got restitution did you? M$ still got their way, right? I mean, big business wouldn't do anything like that would they?

Yeah ,your right about Microsoft ...Paypal will have to return the money to me . My claim is still under "investigation" . They took the money from my account but it has to go thru a process and then be returned to me .

That'll probably hurt more than anything... Which means they'll earn double off the interest and then send your original loss back to you, minus a service fee. Which is why the whole economy is a wreck. Money made from debt.

Originally posted by LordRuss: Ok, now I'm lost... in translation... I mean, I couldn't use my original username that I wanted anyway, much less a url. But, what was http's comment in relation to?

The phishing thing I got... plissken contradicted himself, but I got it... But the "come on"... Did my browser miss a few blocks of 'replies'? The numbering seems right?

Maybe I could have said it in better words but the main point is that the article is about Paypal getting hack, not users getting hacked or phished. These are two different concepts. It is far easier to trick someone into giving up their password than to hack a database behind a firewall.

This message has been edited since its posting. Latest edit was made on 23 Jun 2011 @ 23:12

Originally posted by LordRuss: Ok, now I'm lost... in translation... I mean, I couldn't use my original username that I wanted anyway, much less a url. But, what was http's comment in relation to?

The phishing thing I got... plissken contradicted himself, but I got it... But the "come on"... Did my browser miss a few blocks of 'replies'? The numbering seems right?

Maybe I could have said it in better words but the main point is that the article is about Paypal getting hack, not users getting hacked or phished. These are two different concepts. It is far easier to trick someone into giving up their password than to hack a database behind a firewall.

hhhhmmmm...what a co-inky dinky then ! I know alot of people and I work with the public . I engage in alot of small talk .....funny three different people have told me of someone they know having the same thing happen to them . One girl I work with said her boyfriend was just hit a couple of months ago at his paypal account . He was charged twice for two purchases at guess where??? MICROSOFT ! He was reimbursed for one charge and is still waiting for reimbursement on the other . Both occured on the same day one right after the other . Who can say for sure what happened but I find it interesting that these stories I have heard are all similiar to mine ...

And how many of these people you talk to you ask about their internet security. Do they use a good Antivirus? Do they use alot of the same username/password at alot of sites? Do they open up emails from unknown senders? Open links for well known sites from within their email. Have friends or family using their computer? It's funny that all your small talk friends have unauthorized charges from the same corporation. Not saying what you say isn't true but there are alot coincidences? If everyone's internet protocol was based on common sense and not so trusting, there would be alot less malware, adware, and viruses prevelant on the interent. Read a few articles back and there were actually people taking their laptop into the bathroom because of a faked error message telling them steam would fix an internal sensor problem. If hacking a database was so easy, there would be no need for phishing scams. Sorry for your problems, but you have as yet proved that this is proof of a hack of PayPal's database

Originally posted by solamf30: And how many of these people you talk to you ask about their internet security. Do they use a good Antivirus? Do they use alot of the same username/password at alot of sites? Do they open up emails from unknown senders? Open links for well known sites from within their email. Have friends or family using their computer? It's funny that all your small talk friends have unauthorized charges from the same corporation. Not saying what you say isn't true but there are alot coincidences? If everyone's internet protocol was based on common sense and not so trusting, there would be alot less malware, adware, and viruses prevelant on the interent. Read a few articles back and there were actually people taking their laptop into the bathroom because of a faked error message telling them steam would fix an internal sensor problem. If hacking a database was so easy, there would be no need for phishing scams. Sorry for your problems, but you have as yet proved that this is proof of a hack of PayPal's database

It is alot of coincidences ...that's why I think there is a problem ...when I was first scammed , after I called , I searched this on the internet to see if other people had problems , like the chick at microsoft had told me . That's the only reason I am here .
I have good virus protection on my computer and the people I talked with are not idiots. It's really not funny that these people have had the same problem as me . It's actually kind of frightening . Do you work for Microsoft or Paypal ?
I don't have to PROVE anything to anybody however I think the public needs to be made aware of this problem!!!

Well considering this article is about PayPal saying they weren't hacked, PROOF that they were is they only way to disprove what they were is false. So far you have went from you having a bad experience with PayPal to 3 or 4 of your small group of associates having the same problem. What's next? Half you Homeowners Association getting taken by Microsoft via PayPal. I'm not an employee of either corporation but on the flip side I could ask if you are a disgruntled ex-employee of Microsoft, PayPal or Ebay. I've searched the web and haven't found a widespread epidemic of Microsoft siphoning money from PayPal accounts. So it's odd that you and your friends are the only targets of a Microsoft theft ring. It sounds more like you and your friends are the victims of either a phishing scam or a database hack from some other website you all belong too and have the same username/password as you do at PayPal and have some kid ordering 360 games with your accounts

I am here to make people aware . All I can state are the facts . These people aren't friends , merely acquaintences . Why was the article written to begin with?????? There must've been a reason why they they felt the need to make a statement ....That's all I got to say and as soon as I get my money back I am closing my paypal account !!!
No I have never worked at either place ...and I don't really have anything against them, I just want my money back .

Well, just to say first, I don't believe in coincidence and secondly; if you really think you've been wronged is there such a thing as an international Better Business Bureau?

Coincidence is if you both wore the same red shirt, criminal activity states that M$ allowed several transactions to take place in their records & their covering it up before they have to start paying it back. PayPal knows this too. The only way I'm aware that you guys can get help is to have yet another organization with some clout help pressure them into conforming. If you're still having problems. Otherwise, time is not on your side.

Another avenue, the Postal Service. They have proof that the merchandise ordered from M$ did NOT get shipped to your house. It has to match the address on your card, right? Well, there you have it. Smack their ass with that.

Originally posted by LordRuss: Well, just to say first, I don't believe in coincidence and secondly; if you really think you've been wronged is there such a thing as an international Better Business Bureau?

Coincidence is if you both wore the same red shirt, criminal activity states that M$ allowed several transactions to take place in their records & their covering it up before they have to start paying it back. PayPal knows this too. The only way I'm aware that you guys can get help is to have yet another organization with some clout help pressure them into conforming. If you're still having problems. Otherwise, time is not on your side.

Another avenue, the Postal Service. They have proof that the merchandise ordered from M$ did NOT get shipped to your house. It has to match the address on your card, right? Well, there you have it. Smack their ass with that.

Tell them Russell sent you.

Yeah Russell , well thanks for the input! Before I came back here I called paypal again to inquire as to when I would get my money back . I talked to a lady that told me Microsoft was full of it and the original person I talked to at Paypal should've never given me the number and told me to call Microsoft because it was under investigation at Paypal. I told her, like you said, I know there has to be some sort of a trail . She said that is correct and they do prosecute!! She also said that they, whoever they are, can only see the last four digits of my bank account and not to worry that I should have to close my bank account . You can bet that I am changing all my passwords at every place I go to online and yeah they will all be different but I still think I will close my bank account and open another one !
Have a great weekend !

Ok , I tried to reply here once but I left the room after I hit the submit button and the page was gone when I got back ...didn't go thru??
I just wanted to inform you , I did get my money returned today ! Yay ! Yeah look at the bs I had to go thru !!! When I called Payal yesterday I told them , the end of the month is coming up and I had bills to pay !! Need my money yesterday !!!! Anyway they seemed to have listened and maybe they should come up with a new way of doing business such as sending a confirmation e-mail before the transaction is completed so the customer is made aware and can stop a thief before they have to go thru all of the nonsense !!
Anyway Russ , I went to your blog and it's very interesting , keep up the good work ! I especially liked you comments about taxes and small business ..I can relate to that as well . Had to get an llc for rental property and the metro revenue keeps harrassing me for taxes even though I told them I have no employees....I could ramble on forever ...but thanks for your support !!!

Look everyone paypal has been hacked so many times they can not even keep count or stop it point blank...so all the talk about paypal being hack is true and the talk about paypal can not be hacked is false 100%, Proof is on youtube copy and past this phrase in to youtubes search> PayPal New Hack Money 2011 when I seen the number of videos on their on real working hacking tools being used I closed my paypal account and totally closed my ebay account since ebay owns paypal and they work together on making and forcing buyers and sellers in to using paypal makes every member of ebay and paypal a full prime target for hacking....ebay and paypal are real top pro's in handing out the BS by the truck loads that is why so many sellers are leaving ebay also and joining and selling on such sites as ebid amazon and webstores...remember no matter how good ebay and paypal looks and sounds its like the old saying after having 12 beers anything looks good at the end of a night in any bar or club even a sheep or cow LOL!!! me I like amazon because their is no paypal acount needed to buy or sell and it and really is much safer then ebay could ever be along with its little sissy sister site paypal. So if you really care about your money and your friends and family even co workers tell them to stay away from paypal and ebay if not it will not be my money they control or gets hacked.Tea Any One???????
The Mad Hatter!

Originally posted by robbed by hackers: Liars !! My account with paypal was hacked . I have not used it in over two years !! But someone used it today !! Charged 49.99 not once but twice to microsoft!!!!! I called microsoft and I was told they had alot of problems with fraudulent uses concerning paypal by the receptionist answering the phone. However when connected to a customer service rep they totally denied the problem existed . I am getting my money back but only after a big hassle that should've never happened in the first place!!
Yes , from now on I am only using a green dot card for online transactions. All bank information will be deleted and I am closing my bank account and opening another one

Same type of thing happened to me I just found out. I hadn't used my paypal account in at least 6 months, logged in to update my information the other night so I could buy a gift for my dad and saw that my account was -74.99. Apparently someone else's account was also used, they made 2 payments of $40.00 to my account, then made a payment to Microsoft for 74.99 (or 6000 MS points). The other person caught it before I did, so they filed a complaint, Paypal never contacted me with their investigation, but reversed teh two $40.00 transactions, putting my account in the negative. Now I have filed with Paypal and waiting for an answer.

Originally posted by Jeffrey_P: BS PayPal has been hacked before to access personal information.
Jeff

hackers actually stole money from my pay pal account balance at the same time i made a withdrawel, the transaction i made to withdraw the money has been wiped from pay pals server and the money is gone, i have proof that there are in fact discrepancies with my account with paperwork i downloaded from pay pal. this was all going on whilst therte was a security issue on my account

Originally posted by Jeffrey_P: BS PayPal has been hacked before to access personal information.
Jeff

Yes and someone used my account and Paypal refuses to return my money. I always believed it was safer to use them than give my Credit Card info out at these sites. The money came from my bank account and was being removed as I was online doing my banking. Called PayPal immediately and had account locked. THEY ARE BOGUS CROOKS!